[SECURITY] [DSA 5481-1] fastdds security update

2023-08-2017:44:52

lists.debian.org

cve-2023-39949

security advisory

cve-2023-39948

debian

code execution

denial of service

cve-2023-39946

cve-2023-39534

cve-2023-39945

cve-2023-39947

fast dds

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

0.001 Low

EPSS

Percentile

19.5%

JSON

Debian Security Advisory DSA-5481-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
August 20, 2023 https://www.debian.org/security/faq

Package : fastdds
CVE ID : CVE-2023-39534 CVE-2023-39945 CVE-2023-39946 CVE-2023-39947
CVE-2023-39948 CVE-2023-39949

Multipe security issues were discovered in Fast DDS, a C++ implementation
of the DDS (Data Distribution Service), which might result in denial of
service or potentially the execution of arbitrary code when processing
malformed RTPS packets.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2.1.0+ds-9+deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 2.9.1+ds-1+deb12u1.

We recommend that you upgrade your fastdds packages.

For the detailed security status of fastdds please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/fastdds

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian11amd64libfastrtps2< 2.1.0+ds-9+deb11u1libfastrtps2_2.1.0+ds-9+deb11u1_amd64.deb
Debian11armelfastdds-tools-dbgsym< 2.1.0+ds-9+deb11u1fastdds-tools-dbgsym_2.1.0+ds-9+deb11u1_armel.deb
Debian11mipselfastdds-tools-dbgsym< 2.1.0+ds-9+deb11u1fastdds-tools-dbgsym_2.1.0+ds-9+deb11u1_mipsel.deb
Debian12armhflibfastrtps-dev< 2.9.1+ds-1+deb12u1libfastrtps-dev_2.9.1+ds-1+deb12u1_armhf.deb
Debian11mips64elfastdds-tools< 2.1.0+ds-9+deb11u1fastdds-tools_2.1.0+ds-9+deb11u1_mips64el.deb
Debian11s390xlibfastrtps2-dbgsym< 2.1.0+ds-9+deb11u1libfastrtps2-dbgsym_2.1.0+ds-9+deb11u1_s390x.deb
Debian12mipselfastdds-tools< 2.9.1+ds-1+deb12u1fastdds-tools_2.9.1+ds-1+deb12u1_mipsel.deb
Debian11i386fastdds-tools< 2.1.0+ds-9+deb11u1fastdds-tools_2.1.0+ds-9+deb11u1_i386.deb
Debian12armellibfastrtps-dev< 2.9.1+ds-1+deb12u1libfastrtps-dev_2.9.1+ds-1+deb12u1_armel.deb
Debian11armelfastdds-tools< 2.1.0+ds-9+deb11u1fastdds-tools_2.1.0+ds-9+deb11u1_armel.deb

OS	Version	Architecture	Package	Version	Filename
Debian	11	amd64	libfastrtps2	< 2.1.0+ds-9+deb11u1	libfastrtps2_2.1.0+ds-9+deb11u1_amd64.deb
Debian	11	armel	fastdds-tools-dbgsym	< 2.1.0+ds-9+deb11u1	fastdds-tools-dbgsym_2.1.0+ds-9+deb11u1_armel.deb
Debian	11	mipsel	fastdds-tools-dbgsym	< 2.1.0+ds-9+deb11u1	fastdds-tools-dbgsym_2.1.0+ds-9+deb11u1_mipsel.deb
Debian	12	armhf	libfastrtps-dev	< 2.9.1+ds-1+deb12u1	libfastrtps-dev_2.9.1+ds-1+deb12u1_armhf.deb
Debian	11	mips64el	fastdds-tools	< 2.1.0+ds-9+deb11u1	fastdds-tools_2.1.0+ds-9+deb11u1_mips64el.deb
Debian	11	s390x	libfastrtps2-dbgsym	< 2.1.0+ds-9+deb11u1	libfastrtps2-dbgsym_2.1.0+ds-9+deb11u1_s390x.deb
Debian	12	mipsel	fastdds-tools	< 2.9.1+ds-1+deb12u1	fastdds-tools_2.9.1+ds-1+deb12u1_mipsel.deb
Debian	11	i386	fastdds-tools	< 2.1.0+ds-9+deb11u1	fastdds-tools_2.1.0+ds-9+deb11u1_i386.deb
Debian	12	armel	libfastrtps-dev	< 2.9.1+ds-1+deb12u1	libfastrtps-dev_2.9.1+ds-1+deb12u1_armel.deb
Debian	11	armel	fastdds-tools	< 2.1.0+ds-9+deb11u1	fastdds-tools_2.1.0+ds-9+deb11u1_armel.deb